holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add support for condition match in the rules file

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
2011-09-21 15:20:50 -07:00
parent 7978993d2b
commit 75b4540d26
10 changed files with 123 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall6/lib.cli
View File

@@ -1558,6 +1558,7 @@ determine_capabilities() {
ACCOUNT_TARGET=
AUDIT_TARGET=
IPSET_V5=
CONDITION_MATCH=
chain=fooX$$
@@ -1709,6 +1710,7 @@ determine_capabilities() {
qt $IP6TABLES -A $chain -m ipv6header --header 255 && HEADER_MATCH=Yes
qt $IP6TABLES -A $chain -j ACCOUNT --addr 1::/122 --tname $chain && ACCOUNT_TARGET=Yes
qt $IP6TABLES -A $chain -j AUDIT --type drop && AUDIT_TARGET=Yes
qt $IP6TABLES -A $chain -m condition --condition foo && CONDITION_MATCH=Yes
qt $IP6TABLES -F $chain
@@ -1802,6 +1804,7 @@ report_capabilities() {
report_capability "ACCOUNT Target" $ACCOUNT_TARGET
report_capability "AUDIT Target" $AUDIT_TARGET
report_capability "ipset V5" $IPSET_V5
report_capability "Condition Match" $CONDITION_MATCH
fi
[ -n "$PKTTYPE" ] || USEPKTTYPE=
@@ -1869,6 +1872,7 @@ report_capabilities1() {
report_capability1 ACCOUNT_TARGET
report_capability1 AUDIT_TARGET
report_capability1 IPSET_V5
report_capability1 CONDITION_MATCH
echo CAPVERSION=$SHOREWALL_CAPVERSION
echo KERNELVERSION=$KERNELVERSION